Cyber-criminals unfortunately have kept on top of the latest technologies and are upping the ante of their attacks, in some ways faster than the good guys are able to respond. Given the trends we saw in 2014, it’s safe to assume that cyber-criminals will stage increasingly brazen and bold attacks in the year(s) ahead. Nothing is safe anymore, and individuals and businesses need to do everything possible to stay attentive and secure their assets.
The urgency around protecting your business against cyber-crime is now more relevant than ever. Becoming extra vigilant, tracking the latest trends, and adopting cyber-security best practices will go a long way toward protecting you and your organization in 2015.
An area that’s been trending steadily in recent years is known as Big Data security analytics. What is Big Data security analytics, you may ask? We all know that organizations today are bombarded with massive amounts of information. Big Data security analytics is really about filtering the massive number of events across an increasingly wide variety of data sources, whether traditional log and audit files or emerging sources such as videos, images, social media, email, and sensors. One source aptly describes this new focus area as follows:
Big data security analytics let organizations sift through massive amounts of data — generated inside and outside the organization — to uncover hidden relationships, detect patterns and remove security threats. Security analytics blend real-time analytics on data in motion with historical analysis on data at rest.
In the following we’d like to take a closer look at the implications of Big Data security analytics – what it means for your company and why it matters for the future of your strategy roadmap.
1. The increasing volume, variety, and sophistication of new threats
The scale and severity of malicious attacks against everyday enterprises is increasing. In fact, according to one survey a few years ago, 59% of enterprises are certain or fairly certain they have been the target of an Advanced Persistent Threat (APT): a set of stealthy and continuous computer hacking processes, often orchestrated by humans targeting a specific entity. Another 30% of enterprises believe they’re vulnerable to these kinds of attacks. The era of Big Data has meant there are many more sources of potential attacks than ever before. This requires organizations of all sizes to up the ante in terms of their ability to detect, analyze, and remediate advanced threats from a multitude of different sources.
2. Rapid changes in IT systems & technology
The IT landscape has changed dramatically in recent years. The constant arrival of new server/endpoint virtualization, cloud computing, mobile device and BYOD support, the Internet of Things, and now the imminence of new approaches to device management like Unified Endpoint Management means growing challenges for organizations trying to scale up their cyber-security infrastructure. This continuous adoption of new technologies adds further uncertainty and complexity to the security infrastructure. But organizations need to be proactive and experiment with Big Data security analytics programs and initiatives to keep up with the latest advances. Stalling out now is sure to result in an increased risk of a major security breach.
3. Traditional security monitoring systems are not enough
Many of today’s organizations are relying on approaches to Security Information and Event Management (SIEM) that are based upon off-the-shelf SQL databases or proprietary data stores that were not designed to, and cannot be expected to, keep up with the massive amount of data that organizations interact with today. Also, most existing systems require a high degree of human intelligence and customization to monitor and detect new threats, which in turn requires more hiring and training to keep up.
4. Need to shift from prevention to prediction & remediation
There’s a legend of the Dutch boy who discovered a leak in a dike and decided to plug it with his finger so that a breach might not occur and flood his homeland of Holland. Fortunately for him, others realized the problem and came to his rescue, and he was hailed as a hero. But IT organizations today aren’t so lucky. The problem is that putting in security patches and updates might stop the “leaking” temporarily, but, like the boy, they are stuck in place: the moment they move on, the leak resumes. The upshot here is that organizations cannot afford to be hamstrung by mere prevention of cyber threats and malware attacks. Business leaders and IT experts today need to be on board with Big Data security analytics systems that leverage the latest advances in real-time and situational monitoring. These systems offer intelligent advising in the form of predictive heuristics, statistical and behavior models, correlation rules, and threat intelligence feeds to give organizations up-to-the-minute optics on their security infrastructure.
5. It’s all about real-time, sensor-based security monitoring intelligence
The kind of robust Big Data security requirements needed to protect today’s digitally savvy organization are nicely summarized below in an article provided courtesy of Innovation Insights:
* Sensors that enable the automatic discovery and security assessment of on-premises, mobile, virtual and cloud based devices and applications
* Active and passive vulnerability assessment of 100% of your assets, not just a sampling based on technologies or time
* Real-time detection of malware, botnets, APTs, vulnerabilities and configuration issues that may indicate intruders or compliance violations and that require rapid remediation
* Attack path analysis
* Collection, storage, analysis and correlation of logs from all devices and applications
* Proactive monitoring and reporting on your network’s compliance with a security policy
* Integration with your existing security ecosystem
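To make the "blend real-time analytics on data in motion with historical analysis on data at rest" idea from section 4 and the log correlation requirement above concrete, here is a small added example (not code from the article or any product it mentions). It keeps a per-user baseline built from stored history, streams constructed VPN and proxy log events once, and chains a behaviour-model rule to a time-windowed correlation rule; the event format, thresholds and sample data are all assumptions.

```python
from datetime import datetime, timedelta

# Constructed historical baseline ("data at rest"): countries each user has
# logged in from over past months. Real deployments derive this from stored logs.
BASELINE = {"alice": {"US"}, "bob": {"US", "CA"}}

# Constructed live event stream ("data in motion") from two log sources.
# Hypothetical record layout: (timestamp, source, user, details).
EVENTS = [
    ("2015-01-10 08:02:11", "vpn",   "alice", {"country": "US", "ip": "10.0.0.5"}),
    ("2015-01-10 08:05:40", "proxy", "alice", {"bytes_out": 120_000, "ip": "10.0.0.5"}),
    ("2015-01-10 22:14:03", "vpn",   "bob",   {"country": "RO", "ip": "10.0.0.9"}),
    ("2015-01-10 22:20:55", "proxy", "bob",   {"bytes_out": 48_000_000, "ip": "10.0.0.9"}),
    ("2015-01-10 23:00:00", "vpn",   "alice", {"country": "DE", "ip": "10.0.0.7"}),
]

EXFIL_BYTES = 10_000_000        # assumed threshold for a large outbound transfer
WINDOW = timedelta(minutes=15)  # assumed correlation window between the two events


def correlate(events, baseline):
    """Single pass over the stream; returns (severity, user, message) alerts.

    Rule 1 (behaviour model): VPN login from a country absent from the user's
    historical baseline -> medium alert, and the source IP becomes a suspect.
    Rule 2 (correlation): a large proxy upload from a suspect IP within WINDOW
    of that login -> high alert. Neither signal alone would rate "high".
    """
    suspects = {}   # ip -> (user, login_time) for rule-1 hits still inside WINDOW
    alerts = []
    for ts, src, user, d in events:
        t = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        # Expire old suspects so correlation state stays bounded on a long stream.
        suspects = {ip: v for ip, v in suspects.items() if t - v[1] <= WINDOW}
        if src == "vpn" and d["country"] not in baseline.get(user, set()):
            suspects[d["ip"]] = (user, t)
            alerts.append(("medium", user, f"login from new country {d['country']}"))
        elif src == "proxy" and d["bytes_out"] >= EXFIL_BYTES and d["ip"] in suspects:
            who, _ = suspects.pop(d["ip"])
            alerts.append(("high", who, f"{d['bytes_out']} bytes out after new-country login"))
    return alerts


if __name__ == "__main__":
    for severity, user, message in correlate(EVENTS, BASELINE):
        print(severity, user, message)
```

Because the baseline is consulted per event, the same loop works unchanged whether the events arrive from a live collector or are replayed from an archive for historical analysis.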
To repeat the point made at the beginning of this article, 2014 was a major wake-up call for the cyber-security industry. Nothing is safe anymore, and individuals and businesses need to do everything possible to stay attentive and secure their assets. Now is the time to take deliberate and proactive measures to make your website and infrastructure cyber-strong. Adopting Big Data security analytics will go a long way toward helping your organization meet the security, technological, and management challenges posed by today’s increasingly brazen and sophisticated forms of cyber-crime.